<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Create or update users API | ElasticSearch 7.7 权威指南中文版</title>
	<meta name="keywords" content="ElasticSearch 权威指南中文版, elasticsearch 7, es7, 实时数据分析，实时数据检索" />
    <meta name="description" content="ElasticSearch 权威指南中文版, elasticsearch 7, es7, 实时数据分析，实时数据检索" />
    <!-- Give IE8 a fighting chance -->
    <!--[if lt IE 9]>
    <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
    <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
    <![endif]-->
	<link rel="stylesheet" type="text/css" href="../static/styles.css" />
	<script>
	var _link = 'security-api-put-user.html';
    </script>
</head>
<body>
<div class="main-container">
    <section id="content">
        <div class="content-wrapper">
            <section id="guide" lang="zh_cn">
                <div class="container">
                    <div class="row">
                        <div class="col-xs-12 col-sm-8 col-md-8 guide-section">
                            <div style="color:gray; word-break: break-all; font-size:12px;">原英文版地址: <a href="https://www.elastic.co/guide/en/elasticsearch/reference/7.7/security-api-put-user.html" rel="nofollow" target="_blank">https://www.elastic.co/guide/en/elasticsearch/reference/7.7/security-api-put-user.html</a>, 原文档版权归 www.elastic.co 所有<br/>本地英文版地址: <a href="../en/security-api-put-user.html" rel="nofollow" target="_blank">../en/security-api-put-user.html</a></div>
                        <!-- start body -->
                  <div class="page_header">
<strong>重要</strong>: 此版本不会发布额外的bug修复或文档更新。最新信息请参考 <a href="https://www.elastic.co/guide/en/elasticsearch/reference/current/index.html" rel="nofollow">当前版本文档</a>。
</div>
<div id="content">
<div class="breadcrumbs">
<span class="breadcrumb-link"><a href="index.html">Elasticsearch Guide [7.7]</a></span>
»
<span class="breadcrumb-link"><a href="rest-apis.html">REST APIs</a></span>
»
<span class="breadcrumb-link"><a href="security-api.html">Security APIs</a></span>
»
<span class="breadcrumb-node">Create or update users API</span>
</div>
<div class="navheader">
<span class="prev">
<a href="security-api-put-role.html">« Create or update roles API</a>
</span>
<span class="next">
<a href="security-api-delegate-pki-authentication.html">Delegate PKI authentication API »</a>
</span>
</div>
<div class="section xpack">
<div class="titlepage"><div><div>
<h2 class="title">
<a id="security-api-put-user"></a>Create or update users API<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/create-users.asciidoc">edit</a><a class="xpack_tag" href="https://www.elastic.co/subscriptions"></a>
</h2>
</div></div></div>

<p>Adds and updates users in the native realm. These users are commonly referred
to as <em>native users</em>.</p>
<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-put-user-request"></a>Request<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/create-users.asciidoc">edit</a>
</h3>
</div></div></div>
<p><code class="literal">POST /_security/user/&lt;username&gt;</code><br></p>
<p><code class="literal">PUT /_security/user/&lt;username&gt;</code></p>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-put-user-prereqs"></a>Prerequisites<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/create-users.asciidoc">edit</a>
</h3>
</div></div></div>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
To use this API, you must have at least the <code class="literal">manage_security</code> cluster privilege.
</li>
</ul>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-put-user-desc"></a>Description<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/create-users.asciidoc">edit</a>
</h3>
</div></div></div>
<p>When updating a user, you can update everything but its <code class="literal">username</code> and <code class="literal">password</code>.
To change a user’s password, use the
<a class="xref" href="security-api-change-password.html" title="Change passwords API">change password API</a>.</p>
<p>For more information about the native realm, see
<a class="xref" href="realms.html" title="Realms">Realms</a> and <a class="xref" href="native-realm.html" title="Native user authentication">Native user authentication</a>.</p>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-put-user-path-params"></a>Path parameters<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/create-users.asciidoc">edit</a>
</h3>
</div></div></div>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">username</code>
</span>
</dt>
<dd>
<p>
(Required, string) An identifier for the user.
</p>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<a id="username-validation"></a>
<p>Usernames must be at least 1 and no more than 1024 characters. They can
contain alphanumeric characters (<code class="literal">a-z</code>, <code class="literal">A-Z</code>, <code class="literal">0-9</code>), spaces, punctuation, and
printable symbols in the <a href="https://en.wikipedia.org/wiki/Basic_Latin_(Unicode_block)" class="ulink" target="_top">Basic Latin (ASCII) block</a>. Leading or trailing whitespace is not allowed.</p>
</div>
</div>
</dd>
</dl>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-put-user-query-params"></a>Query parameters<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/create-users.asciidoc">edit</a>
</h3>
</div></div></div>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">refresh</code>
</span>
</dt>
<dd>
(string) One of <code class="literal">true</code>, <code class="literal">false</code>, or <code class="literal">wait_for</code>.
These values have the same meaning as in the <a class="xref" href="docs-refresh.html" title="?refresh">Index API</a>,
but the default value for this API (Put User) is <code class="literal">true</code>.
</dd>
</dl>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-put-user-request-body"></a>Request body<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/create-users.asciidoc">edit</a>
</h3>
</div></div></div>
<p>The following parameters can be specified in the body of a POST or PUT request:</p>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">enabled</code>
</span>
</dt>
<dd>
(boolean) Specifies whether the user is enabled. The default value is <code class="literal">true</code>.
</dd>
<dt>
<span class="term">
<code class="literal">email</code>
</span>
</dt>
<dd>
(string) The email of the user.
</dd>
<dt>
<span class="term">
<code class="literal">full_name</code>
</span>
</dt>
<dd>
(string) The full name of the user.
</dd>
<dt>
<span class="term">
<code class="literal">metadata</code>
</span>
</dt>
<dd>
(object) Arbitrary metadata that you want to associate with the user.
</dd>
<dt>
<span class="term">
<code class="literal">password</code>
</span>
</dt>
<dd>
<p>
(string) The user’s password. Passwords must be at least 6 characters long.
</p>
<p>When adding a user, one of <code class="literal">password</code> or <code class="literal">password_hash</code> is required.
When updating an existing user, the password is optional, so that other
fields on the user (such as their roles) may be updated without modifying
the user’s password.</p>
</dd>
<dt>
<span class="term">
<code class="literal">password_hash</code>
</span>
</dt>
<dd>
<p>
(string) A <em>hash</em> of the user’s password. This must be produced using the
same hashing algorithm as has been configured for password storage. For more
details, see the explanation of the
<code class="literal">xpack.security.authc.password_hashing.algorithm</code> setting in
<a class="xref" href="security-settings.html#hashing-settings" title="User cache and password hash algorithms">User cache and password hash algorithms</a>.
</p>
<p>Using this parameter allows the client to pre-hash the password for
performance and/or confidentiality reasons.</p>
<p>The <code class="literal">password</code> parameter and the <code class="literal">password_hash</code> parameter cannot be
used in the same request.</p>
</dd>
<dt>
<span class="term">
<code class="literal">roles</code>
</span>
</dt>
<dd>
(Required, list) A set of roles the user has. The roles determine the user’s
access  permissions. To create a user without any roles, specify an empty list:
<code class="literal">[]</code>.
</dd>
</dl>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-put-user-example"></a>Examples<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/create-users.asciidoc">edit</a>
</h3>
</div></div></div>
<p>The following example creates a user <code class="literal">jacknich</code>:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">POST /_security/user/jacknich
{
  "password" : "j@rV1s",
  "roles" : [ "admin", "other_role1" ],
  "full_name" : "Jack Nicholson",
  "email" : "jacknich@example.com",
  "metadata" : {
    "intelligence" : 7
  }
}</pre>
</div>
<div class="console_widget" data-snippet="snippets/2078.console"></div>
<p>A successful call returns a JSON structure that shows whether the user has been
created or updated.</p>
<div class="pre_wrapper lang-console-result">
<pre class="programlisting prettyprint lang-console-result">{
  "created": true <a id="CO657-1"></a><i class="conum" data-value="1"></i>
}</pre>
</div>
<div class="calloutlist">
<table border="0" summary="Callout list">
<tr>
<td align="left" valign="top" width="5%">
<p><a href="#CO657-1"><i class="conum" data-value="1"></i></a></p>
</td>
<td align="left" valign="top">
<p>When an existing user is updated, <code class="literal">created</code> is set to false.</p>
</td>
</tr>
</table>
</div>
<p>After you add a user, requests from that user can be authenticated. For example:</p>
<div class="pre_wrapper lang-shell">
<pre class="programlisting prettyprint lang-shell">curl -u jacknich:j@rV1s http://localhost:9200/_cluster/health</pre>
</div>
</div>

</div>
<div class="navfooter">
<span class="prev">
<a href="security-api-put-role.html">« Create or update roles API</a>
</span>
<span class="next">
<a href="security-api-delegate-pki-authentication.html">Delegate PKI authentication API »</a>
</span>
</div>
</div>

                  <!-- end body -->
                        </div>
                        <div class="col-xs-12 col-sm-4 col-md-4" id="right_col">
                        
                        </div>
                    </div>
                </div>
            </section>
        </div>
    </section>
</div>
<script src="../static/cn.js"></script>
</body>
</html>